Black Hat 2019 brings out new security, protection offerings

At the 22nd annual Black Hat conference in Las Vegas, an event for computer security consulting, training and briefings, industry experts came together from Aug. 3 to 8 to discuss emerging threats in cybersecurity, such as new attack methods and critical vulnerabilities across various industries. The conference also served as the birthplace for many potential answers to the security issues highlighted. Vendors in security and networking used Black Hat as an opportunity to unveil their newest products and services to the tens of thousands of attendees, who ranged from executives and security professionals to small-business owners and individuals with an interest in the cybersecurity world.

While some vendors released new offerings leading up to the main two days of the conference — including BlackBerry’s Intelligent Security, LogicHub’s SOAR+ platform and Gurucul’s Network Behavior Analytics tool — many waited to announce their wares. Here are some of the latest releases from security vendors at Black Hat 2019.

Carbon Black

Carbon Black Inc. introduced customizable API Access Control across its cloud-native endpoint protection platform to give security teams more control of data access and management. With greater control, security teams are less likely to face risks and misuse, according to the vendor.

API Access Control enables administrators to decide whether individual integrations can read, update, create or delete certain data across the platform. By applying the principle of least privilege to integrations between products, security teams can maintain flexibility across their technology stack and thoroughly control data access and management, according to the vendor.

Carbon Black also introduced a new API for its real-time endpoint query and remediation product, CB LiveOps. The new API enables users to initiate automated queries and integrate results from CB LiveOps with the security stack to improve workflows and confidence in responses. Carbon Black said these capabilities will save time when investigating threats, assessing vulnerabilities and managing endpoints.

CrowdStrike

CrowdStrike Inc. introduced CrowdScore, a new feature of its CrowdStrike Falcon platform for endpoint protection. The offering enables corporate executives to view real-time threat levels of their organization and deploy resources to prevent or address attacks. According to the vendor, lack of resources and prioritization have historically prevented organizations from detecting, understanding and containing threats in a timely manner, and it claims CrowdScore will improve metrics.

CrowdScore intends to help organizations detect threats in one minute, understand them in 10 minutes and contain them in 60 minutes with the following features:

A real-time organizational threat score helps security teams understand the current state of threats and supports executive decision-making.

Digital Guardian

DG Wingman claims to aid security teams in extracting forensic artifacts such as the Master File Table, Windows registry and Windows event logs for intrusion analysis. With DG Wingman, security teams can also execute custom commands or, with a full endpoint scan, collect metadata such as hashes and certificates from portable files.

Onapsis

Updates to the Onapsis Platform bring change assurance, automated governance and continuous monitoring capabilities to protect business-critical applications. The platform is designed for collaboration among IT, cybersecurity, development and governance, risk and compliance teams to improve workflows, automate manual tasks and lower costs.

With this update, the Onapsis Platform integrates tools from Virtual Forge and the Onapsis Security Platform to bring four modules:

Assess, which gives development and security teams insight to discover, assess, prioritize and improve code quality and reduce application vulnerabilities;

Comply, an automated governance module that provides compliance, IT and business application administration teams with enforcement and reporting capabilities; and

Defend, which brings continuous monitoring and real-time visibility to business applications and enables security operations center and incident response teams to respond to internal and external threats.

SentinelOne

SentinelOne launched a new version of its server and workload protection offering built specifically for containers. SentinelOne’s platform brings behavioral AI and autonomous threat response capabilities to cloud-native and containerized workloads to provide prevention, detection, response and hunting of cyberthreats.

The vendor claims that as workloads increasingly move toward cloud architectures, most endpoint protection platforms aren’t equipped to protect the growing cloud attack surface. The SentinelOne platform intends to provide full visibility and threat response capabilities for containers in addition to traditional cloud servers and private data centers. SentinelOne’s server and workload protection platform can be deployed in containers, in machines that host containers, in servers or in the cloud.

Tenable

Tenable Inc. added new capabilities to its Tenable.io and Tenable.sc offerings to discover and assess all assets — known and unknown — across on-premises and cloud environments. The new features are based on Tenable’s Nessus Network Monitor (NNM) platform for passive network monitoring, and will come at no additional cost.

Tenable’s newest capabilities include the following:

NNM Discovery Mode enables users to continuously monitor networks and discover assets without using a product license, eliminating blind spots in the network.

NNM Discovery Mode and Rogue Asset Automatic Assessment will be available later this year; Tenable Cloud Connector Auto-Discovery is generally available now.

Tigera

The newest version of Tigera Secure Enterprise Edition enables security teams to use Palo Alto Networks’ Panorama to define and enforce security policies for cloud-native Kubernetes applications. Tigera Secure Enterprise Edition 2.5 allows security teams to secure and monitor inbound and outbound traffic as well as traffic between workloads with existing tools and processes.

Tigera Secure 2.5 also eliminates the need for security to be entirely delegated to infrastructure and application teams; with this update, security teams can define zone-based architecture and firewall rules themselves through Panorama, without the need for additional training or tools.

Security Configuration Monitoring and Compliance continuously monitors, reports and alerts on security-related configuration issues to prevent exploitation by a hacker.

Splunk integration enables security teams to use existing tools and processes to manage traditional and modern Kubernetes workloads.

Ingress Flow Logs identify source and destination data and Kubernetes context of all traffic to provide a comprehensive view of all network flows and their sources and destinations.

Venafi

Aiming to eliminate certificate-related outages for machine identity protection, Venafi released the Via Venafi No Outages Guarantee to keep critical business systems intact. Venafi’s new tool intends to control certificates shared among multiple applications across complex, multi-tiered architectures to simplify the outage prevention process.

According to Venafi, 2.6 million certificates expire every seven days; when certificates expire unexpectedly, machines and applications stop sharing data with other machines, halting business operations.

Via Venafi No Outages Guarantee uses capabilities from the Venafi Platform in addition to the experience of experts in the field and a customizable, step-by-step implementation plan to bring visibility and automation to processes that help users prevent certificate outages.

Virtru

Virtru Developer Hub is a development portal that integrates data protection capabilities with zero-trust architecture, enabling developers to securely embed platform-agnostic protection into appliances or connected devices with a few lines of code.

The Virtru Developer Hub brings the following data protection capabilities:
